What data we collect
Newgale Lodge is owned and run by The Development Company and we care about protecting your privacy. We will use your personal information to administer your booking and account, communicate with you about our services and provide the products and services you have requested from us.
Why your data matters to us
To provide you with our services, we will collect some personal data about you which includes your name, address, email and phone number. Your data is stored on a secure database operated by our booking manager, Freetobook. This database is fully compliant with the GDPR data rules.
To ensure your wellbeing and safety during your stay, we will also request some sensitive personal data information from you relating to any medical, allergies or intolerances that you may have. These will be held securely and only accessed by authorised persons. It will only be shared with suppliers who provide our services to you, and we only collect this information where it is necessary to deliver our services to you. This includes catering and activity options that you may select for your stay. If you do not allow us to process any sensitive personal data, this may mean we are unable to provide all or parts of the services you have requested from us. Please be aware that in such circumstances you will not be entitled to cancel or obtain a refund of any price you have paid.
Newgale Lodge operates CCTV for the security of guests and your image and/or those of your group may be recorded on this system when you visit.
To process payment for our services, we will gather your payment details. All credit and debit card data captured via our booking system or by other means is kept secure with the PCI level 1 compliance of FabPay with payments made through the SagePay gateway. SagePay are a PCI Level 1 gateway. Card details are tokenised in the format xxxx xxxx xxxx 1234 for security of your data and may be retained for 120 days for the purpose of administering payments.
We will retain your comments and feedback about our service and your guest experience when these are provided by you.
What we use your data for
We need to know your personal data so that we can confirm your booking and contact you with information about our services. We will only collect personal data from you that we need in order to provide and oversee our services to you with the aim of improving your guest experience.
We may use your personal information to:
• Process your booking and provide you with confirmation
• Take payments via credit/debit card
• Respond to any questions you may have via e-mail or telephone
• Ensure your safety and wellbeing during your stay
• Provide any additional information that may be useful to you during your stay with us
• Request feedback about your experience with us. These requests are also done in conjunction with Freetobook, TripAdvisor, Booking.com, Expedia, HomeAway and AirBnB
• Arrange the return of any personal items that you may leave behind
• Provide you with updates on any future special events or promotions that are happening
All personal data is processed by our staff in the UK; however, for the purposes of IT hosting and maintenance, this information is located on servers within the European Union. Some of our phone calls are recorded, stored and processed for training purposes and to be able to clarify supplied information.
There are times when we might contact you to request your permission to use your testimonials, references, recommendations and likeness (image/video) for sales and marketing purposes. On each occasion, we will ask for your separate consent for this to happen and will provide you with the specific details of its use.
To promote our products and services, we may acquire contact information for organisations available in the public domain or from other reputable organisations. We will always gain your consent for contacting you and if you want to be removed from our list at any time, you can do so via phone, email or our website.
How long we keep your data
We have a Data Protection regime in place to oversee the effective and secure processing of your personal data and we keep your information as long as it is necessary to honour the terms of our contract with you or your organisation unless a longer retention period is authorised by you giving us your explicit consent in order for us to contact you again. Any financial data will be securely held for a period of 7 years, in line with HMRC compliance. Other personal data will be held for a period of 3 years and then destroyed / deleted in line with GDPR compliance and process.